/// <summary>
/// Create an Apache compatible MD5 encoded password based off of the raw input. The output will be in form
/// $apr1$salt$hash
/// </summary>
static public string ApacheEncrypt(string password)
{
StringBuilder salt = new StringBuilder();
Random randgen = new Random();
while (salt.Length < 8)
{
int index = (int)(randgen.NextDouble() * ValidSaltCharacters.Length);
salt.Append(ValidSaltCharacters.Substring(index, 1));
}
return(ApacheEncryption.ApacheEncrypt(password, salt.ToString()));
}
/// <summary>
/// Verifies that <paramref name="plainText"/> would result in <paramref name="hashedValue"/> if hashed based on
/// the algorithm.
/// </summary>
static public bool VerifyPassword(string plainText, string hashedValue)
{
if (hashedValue.StartsWith("$1$"))
{
return(hashedValue.Equals(ApacheEncryption.Encrypt(plainText, hashedValue)));
}
else if (hashedValue.StartsWith("$apr1$"))
{
return(hashedValue.Equals(ApacheEncryption.ApacheEncrypt(plainText, hashedValue)));
}
else
{
throw new InvalidOperationException("Bad plain text input, does not conform to Apache.");
}
}